E-learning Management System Security Vulnerabilities and Issues — E-learning Management System CVE List

Lucene search

LopalopaE-learning Management System

11 matches found

CVE•added 2024/12/09 2:15 p.m.•58 views

CVE-2024-54937

A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets.

5.3CVSS6.6AI score0.00123EPSS

CVE•added 2024/12/09 3:15 p.m.•52 views

CVE-2024-54919

A Stored Cross Site Scripting (XSS ) was found in /teacher_avatar.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary java script via the filename parameter.

5.4CVSS7AI score0.00067EPSS

CVE•added 2024/12/09 2:15 p.m.•49 views

CVE-2024-54936

A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message.php of Kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the my_message parameter.

5.4CVSS5.7AI score0.00135EPSS

CVE•added 2024/11/14 2:15 p.m.•48 views

CVE-2024-50841

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/calendar_of_events.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the date_start, date_end, and title parameters.

5.4CVSS5.7AI score0.00142EPSS

Web

CVE•added 2024/12/09 6:15 p.m.•48 views

CVE-2024-54935

A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message_teacher_to_student.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the my_message parameter.

5.4CVSS5.9AI score0.00135EPSS

CVE•added 2024/11/14 2:15 p.m.•42 views

CVE-2024-50840

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/class.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the class_name parameter.

5.4CVSS5.7AI score0.00403EPSS

Web

CVE•added 2024/11/14 3:15 p.m.•41 views

CVE-2024-50837

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/admin_user.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and username parameters.

5.4CVSS5.7AI score0.00142EPSS

Web

CVE•added 2024/11/14 2:15 p.m.•41 views

CVE-2024-50839

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/add_subject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the subject_code and title parameters.

5.4CVSS5.7AI score0.00165EPSS

Web

CVE•added 2024/11/14 3:15 p.m.•39 views

CVE-2024-50838

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/department.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the d and pi parameters.

5.4CVSS5.7AI score0.00165EPSS

Web

CVE•added 2024/11/14 2:15 p.m.•38 views

CVE-2024-50842

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/school_year.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the school_year parameter.

5.4CVSS5.7AI score0.00142EPSS

Web

CVE•added 2024/11/14 5:15 p.m.•37 views

CVE-2024-50836

A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the firstname and lastname parameters.

5.4CVSS6AI score0.00127EPSS

Web